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CENTRAL SIGN-ON SERVER RECEIVES REDIRECT, 
OPERATIVE FEDERATION IDENTIFICATION, CHALLENGE, 
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CENTRAL SIGN-ON SERVER ATTEMPTS TO RECOGNIZE 
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CENTRAL SIGN-ON SERVER LOOKS UP LOGIN 
IDENTIFICATION OF CLIENT BASED ON COOKIE 
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CENTRAL SIGN-ON SERVER CREATES COOKIE 



CENTRAL SIGN-ON SERVER CREATES ENTRY ON LOCAL 

TABLE 



CENTRAL SIGN-ON SERVER USES PRIVATE KEY TO CREATE 

DIGITAL SIGNATURE 



CLIENT BROWSER REDIRECTED BACK TO ORIGINATING 
SERVER WITH PARAMETER INDICATING NO SESSION 

PRESENT 



ORIGINATING SERVER PROMPTS CLIENT BROWSER WITH 

LOGIN PAGE 



CLIENT PROVIDES AUTHENTICATION 



ORIGINATING SERVER CREATES NEW SESSION 



ORIGINATING SERVER SENDS MESSAGE TO CENTRAL 
SIGN-ON SERVER 



404 



406 



408 



410 



412 



414 



416 



418 



CENTRAL SIGN-ON SERVER VERIFIES DIGITAL SIGNATURE 
OF ORIGINATING SERVER 



CENTRAL SIGN-ON SERVER STORES INFORMATION TO 

LOCAL RECORD 



ORIGINATING SERVER REDIRECTS CLIENT BROWSER TO 

URL REQUESTED 



420 



422 



424 



500 



FIG. 5 



CLIENT WITH SESSION ON WEB SERVER CONNECTS TO 
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CLIENT LOGS OUT 
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CENTRAL SIGN-ON SERVER VERIFIES DIGITAL SIGNATURE 
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CENTRAL SIGN-ON SERVER USES CHALLENGE TO LOOK UP 
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